Cyber attacks are on the rise and it seems no one is safe. From “Apache Killer” software that causes Denial of Service attacks against Apache Web servers, to the “Night Dragon” trojan that targets oil and energy companies, and the “Lizamoon” attacks on potentially one million websites… the list goes on and on.

The bad guys are winning. And too many corporate security teams are simply unprepared.

The battle for your network revolves increasingly around information superiority. Network defenders must have a clear and comprehensive understanding of what they’re protecting and how to protect it properly. When they don’t and attackers establish information superiority over a defender, it’s very difficult to protect against (or remove) them.

With outdated defensive strategies, it is virtually impossible for security teams to achieve anything close to information superiority.

The reality today is that nearly every network security organization is flying blind and deploying security infrastructure without sufficient understanding of what they’re defending and what they need to defend it from. This is primarily a byproduct of the massive deployed security infrastructure, which was largely architected in the '90s for networks that have evolved far beyond their ability to adapt. To be successful today, real-time discovery and synthesis of data about the operational environment, as well as security technology that can integrate this data, are essential.

Given the lack of awareness, it’s not surprising that the Verizon 2011 Data Breach report found that in roughly one third of attacks you have merely minutes between entry and compromise. And most organizations are oblivious to these breaches – discovering them weeks or even years after the initial attack.

First, these tools are labor intensive and do not integrate with existing security infrastructure. They rely on ad hoc, people-driven processes to discover assets on the network. Unfortunately, people operate on human time scales and are simply incapable of discovering all of the information about a network that changes from hour to hour and turning that data into changes in the configuration of security devices. In the current security and business climate there simply aren’t enough hours in the day and most organizations can’t hire a large enough staff to take protective action in meaningful time frames.

Second, the level of financial backing and sophistication of today’s attackers makes these solutions very susceptible to reverse engineering. Attackers can purchase every solution available. Because these solutions are relatively inflexible with very few points of adjustment, it’s easy to quickly identify potential vulnerabilities, evasions and opportunities for penetration.

Static defenses are inadequate in today’s complex and fast-paced world. Organizations need solutions that are environment-aware and require less human intervention than traditional approaches.

Accenture’s “Technology Vision 2011” report calls for “a realistic and practical approach to IT security. What’s needed now is a cascaded, reflex-like security architecture that responds proportionately to threats when and where they happen.”

It’s time to bring our security solutions into the 21st century. We need to move from static approaches that were never designed for today’s dynamic, rapidly changing networks, to agile approaches that rely on intelligence and give us the automation we need to deal with modern attacks and attackers.

Intelligence starts with awareness. Since networks evolve in real-time, awareness technology has to operate in real-time. A list of the assets in the environment, their configuration and vulnerabilities, behavioral patterns, data motion and interaction, user access and utilization of resources are all data points that are directly needed by security devices to function properly.

Then, you need technologies that can map these data points to a threat model of the environment being protected and continuously update the model as information changes. This requires intelligence generated both locally and collectively by the larger community in order to gain perspective and spot potential attacks.

Automation is critical to proactive protection. But it isn’t enough to automatically find signs of attack and alert a human to take action. By the time humans can effectively react, the damage is done. And automatically deploying the same old defenses won’t work against threats that are designed to take advantage of gaps between your static security technologies. We need to go a step further with solutions that can intelligently and automatically adjust to provide protection. Whether it’s blocking malicious attacks, enforcing policies, prioritizing and pointing out suspicious events to human analysts, or reporting to the organization – it all needs to happen automatically and in real-time.

The ultimate responsibility of any security system is to protect sensitive assets and data. Ten or 20 years ago, when we faced a handful of threats a day, it was reasonable, and effective, to count on a combination of black boxes and skilled security analysts to protect digital assets. But with tens of thousands of new attacks every day, continuous human interaction is not possible and the old technologies can’t keep up.

Organizations can take back control of their protection efforts. It all comes down to shifting information superiority from the bad guys to IT security teams. For security to be effective, it must be agile.